NRI SecureTechnologies Blog

- Dedicated Team Focused on Security Diagnostic for Automobiles and Onboard Devices -

Tokyo - July 3, 2017 - NRI SecureTechnologies, Ltd. (President: Jun Odashima, hereinafter NRI Secure) has established a new team focused on information security diagnostics and assessments of automobiles and their onboard devices, and will now be providing a “Automotive Penetration Test” service (hereinafter the Service)

- Cyber-attacks on Automobiles a Growing ThreatRecently, the quest to improve fuel efficiency and make automatic driving a reality has made it increasingly common for automobiles to be equipped with information communication equipment that connects with external networks, smartphones, USB memory sticks, and other devices. With these items attracting attention as potential targets for cyber-attacks, any unauthorized remote access could lead to serious problems and may potentially jeopardize human lives.

In the U.S., the National Highway Traffic Safety Administration (NHTSA) released guidelines*1 last year requiring the automotive industry members to conduct penetration tests to simulate intrusions attempts by attackers. In response to this, many Japanese automobile manufacturers and auto-parts manufacturers that deal mainly in the North American market are currently looking into conducting such tests.

- Security Service for Automobiles Provided by a Dedicated TeamNRI Secure has provided numerous security assessments for automobile and related systems in the past and has created a detailed assessment criteria based on extensive experience with vehicle systems. Using this assessment criteria and past experience NRI Secure has now developed a new “Automotive Penetration Test” service that clients can use to help adhere to NHTSA guidelines and reduce overall risk.

The Service involves conducting penetration tests based on various guidelines for incorporated devices and on the expertise that NRI Secure has cultivated thus far through “Device Security Diagnostics*2” for IoT (the Internet of Things) equipment. NRI Secure is launching a dedicated team comprised mainly of members with extensive backgrounds and achievements in vehicle system penetration testing, who will identify risk scenarios and intrusion pathways through offline threat analysis and then run security assessments and diagnostics on the actual vehicles and their onboard devices. In addition, the dedicated team can support automobile manufactures or other clients who prefer to perform the diagnostic in-house.

For more information on the “Automotive Penetration Test” service, please contact: info@nri-secure.cojp.

NRI Secure will continue to innovate and provide products and services to support companies and organizations in their information security goals, and contribute to the creation of a safer information system environment and society on a global scale.

*1 Guidelines: Cybersecurity Best Practices for Modern Vehicles(https: //www.nhtsa.gov/staticfiles/nvs/pdf/812333_CybersecurityForModernVehicles.pdf)*2 Device Security Diagnostic: A service that detects, to the extent possible, any existing or unknown vulnerabilities affecting gaming devices, electronic book readers, digital appliances, wearable devices, IoT equipment, and the like. Launched in November 2012.

About NRI SecureNRI SecureTechnologies is a subsidiary of Nomura Research Institute (NRI) specializing in Cybersecurity, and a leading global provider of next-generation managed security services and security consulting. Established in 2000, NRI SecureTechnologies is focused on delivering high-value security outcomes for our clients with the precision and efficiency that define Japanese quality.